Skill v1.0.0
ClawScan security
Helius API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 4:53 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (it needs a HELIUS_API_KEY and will call Helius endpoints) matches its purpose, but the published metadata/manifest does not declare the required API key and there is no trusted source/homepage — this mismatch and lack of provenance warrant caution.
- Guidance: This skill appears to do what it says (query Helius for Solana data), but there are two things to check before installing: (1) provenance — the skill's source/homepage is unknown; prefer skills published by a known/trusted owner or with a documented homepage. (2) manifest mismatch — SKILL.md requires a HELIUS_API_KEY but the registry metadata does not declare it; ask the publisher to update the manifest to explicitly require HELIUS_API_KEY so you know what will be accessed. Practical precautions: use a dedicated Helius API key with limited billing/quota for this skill (or an account with limited funds), enable monitoring/alerts on API usage, rotate the key if you stop using the skill, and consider restricting the agent to manual invocation if you don't want automated queries that could consume credits. If you cannot verify the skill author or the missing manifest entry is not fixed, treat installation as higher risk and avoid providing your primary Helius key.
Review Dimensions
- Purpose & Capability (note): The skill's name/description and the SKILL.md consistently describe querying Helius (Solana) REST APIs; the operations (balances, history, transfers, identity, enhanced transactions) legitimately require a Helius API key and network access. That is coherent with the stated purpose.
- Instruction Scope (ok): The SKILL.md instructs the agent only to call Helius REST endpoints (via curl/fetch) and to use the HELIUS_API_KEY as a query param or header. It does not instruct reading unrelated system files, other environment variables, or contacting unexpected third-party endpoints.
- Install Mechanism (ok): This is an instruction-only skill (no install spec, no code files executed at install). No downloads or install scripts are present, which reduces the risk from installation.
- Credentials (concern): The SKILL.md explicitly requires HELIUS_API_KEY, but the registry metadata lists no required env vars and the primary credential is listed as none — a clear mismatch. The skill will use the user's Helius API key to make potentially many paid requests (SKILL.md notes wallet API requests cost credits), so the credential is both necessary and sensitive; the manifest should declare it. No other credentials are requested.
- Persistence & Privilege (ok): The skill does not request always:true or any elevated system presence. It is user-invocable and can be invoked autonomously by default (platform default), which is expected for skills of this type.
